massive update of the wheezy templates, but take them with a grain of salt for now, in particular:
- dkim is broken (pending code changes, this affects *everyone* with opendkim i suppose) - it has received *no* testing (yet) other noteworthy stuff: - nginx should be switched to upstream provided fcgi params file, as its essentially the same. - dovecot should now work with exim4 - for the most part, configs were switched to the commented version if available, that requires some more reading for the admins, but this isn't a problem for you... right? :) while i don't think any of this will break horribly, like drinking the beer in your fridge or some other nasty stuff, it will still require testing Signed-off-by: Robert Förster (Dessa) <Dessa@froxlor.org>
This commit is contained in:
Robert Förster (Dessa)
@@ -15,33 +15,51 @@ ModuleControlsACLs lsmod allow user *
|
||||
LoadModule mod_ctrls_admin.c
|
||||
LoadModule mod_tls.c
|
||||
|
||||
# Install proftpd-mod-mysql or proftpd-mod-pgsql to use this
|
||||
LoadModule mod_sql.c
|
||||
# Install one of proftpd-mod-mysql, proftpd-mod-pgsql or any other
|
||||
# SQL backend engine to use this module and the required backend.
|
||||
# This module must be mandatory loaded before anyone of
|
||||
# the existent SQL backeds.
|
||||
#LoadModule mod_sql.c
|
||||
|
||||
# Install proftpd-mod-ldap to use this
|
||||
#LoadModule mod_ldap.c
|
||||
|
||||
#
|
||||
# 'SQLBackend mysql' or 'SQLBackend postgres' directives are required
|
||||
# to have SQL authorization working. You can also comment out the
|
||||
# 'SQLBackend mysql' or 'SQLBackend postgres' (or any other valid backend) directives
|
||||
# are required to have SQL authorization working. You can also comment out the
|
||||
# unused module here, in alternative.
|
||||
#
|
||||
|
||||
# Install proftpd-mod-mysql to use this
|
||||
# Install proftpd-mod-mysql and decomment the previous
|
||||
# mod_sql.c module to use this.
|
||||
LoadModule mod_sql_mysql.c
|
||||
|
||||
# Install proftpd-mod-pgsql to use this
|
||||
# Install proftpd-mod-pgsql and decomment the previous
|
||||
# mod_sql.c module to use this.
|
||||
#LoadModule mod_sql_postgres.c
|
||||
|
||||
#LoadModule mod_radius.c
|
||||
# Install proftpd-mod-sqlite and decomment the previous
|
||||
# mod_sql.c module to use this
|
||||
#LoadModule mod_sql_sqlite.c
|
||||
|
||||
# Install proftpd-mod-odbc and decomment the previous
|
||||
# mod_sql.c module to use this
|
||||
#LoadModule mod_sql_odbc.c
|
||||
|
||||
# Install one of the previous SQL backends and decomment
|
||||
# the previous mod_sql.c module to use this
|
||||
#LoadModule mod_sql_passwd.c
|
||||
|
||||
LoadModule mod_radius.c
|
||||
LoadModule mod_quotatab.c
|
||||
LoadModule mod_quotatab_file.c
|
||||
|
||||
# Install proftpd-mod-ldap to use this
|
||||
#LoadModule mod_quotatab_ldap.c
|
||||
|
||||
# Install proftpd-mod-pgsql or proftpd-mod-mysql to use this
|
||||
LoadModule mod_quotatab_sql.c
|
||||
# Install one of the previous SQL backends and decomment
|
||||
# the previous mod_sql.c module to use this
|
||||
#LoadModule mod_quotatab_sql.c
|
||||
LoadModule mod_quotatab_radius.c
|
||||
LoadModule mod_wrap.c
|
||||
LoadModule mod_rewrite.c
|
||||
@@ -49,10 +67,28 @@ LoadModule mod_load.c
|
||||
LoadModule mod_ban.c
|
||||
LoadModule mod_wrap2.c
|
||||
LoadModule mod_wrap2_file.c
|
||||
# Install proftpd-mod-pgsql or proftpd-mod-mysql to use this
|
||||
# Install one of the previous SQL backends and decomment
|
||||
# the previous mod_sql.c module to use this
|
||||
#LoadModule mod_wrap2_sql.c
|
||||
LoadModule mod_dynmasq.c
|
||||
LoadModule mod_exec.c
|
||||
LoadModule mod_shaper.c
|
||||
LoadModule mod_ratio.c
|
||||
LoadModule mod_site_misc.c
|
||||
|
||||
LoadModule mod_sftp.c
|
||||
LoadModule mod_sftp_pam.c
|
||||
# Install one of the previous SQL backends and decomment
|
||||
# the previous mod_sql.c module to use this
|
||||
#LoadModule mod_sftp_sql.c
|
||||
|
||||
LoadModule mod_facl.c
|
||||
LoadModule mod_unique_id.c
|
||||
LoadModule mod_copy.c
|
||||
LoadModule mod_deflate.c
|
||||
LoadModule mod_ifversion.c
|
||||
LoadModule mod_tls_memcache.c
|
||||
|
||||
# keep this module the last one
|
||||
LoadModule mod_ifsession.c
|
||||
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
#
|
||||
# /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.
|
||||
# To really apply changes reload proftpd after modifications.
|
||||
# To really apply changes, reload proftpd after modifications, if
|
||||
# it runs in daemon mode. It is not required in inetd/xinetd mode.
|
||||
#
|
||||
|
||||
# Includes DSO modules
|
||||
@@ -8,6 +9,8 @@ Include /etc/proftpd/modules.conf
|
||||
|
||||
# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
|
||||
UseIPv6 on
|
||||
# If set on you can experience a longer connection delay in many cases.
|
||||
IdentLookups off
|
||||
|
||||
ServerName "<SERVERNAME> FTP Server"
|
||||
ServerType standalone
|
||||
@@ -86,9 +89,14 @@ AllowOverwrite on
|
||||
TransferLog /var/log/proftpd/xferlog
|
||||
SystemLog /var/log/proftpd/proftpd.log
|
||||
|
||||
# Allow up- and downloads to be continued
|
||||
AllowRetrieveRestart On
|
||||
AllowStoreRestart On
|
||||
# Logging onto /var/log/lastlog is enabled but set to off by default
|
||||
#UseLastlog on
|
||||
|
||||
# In order to keep log file dates consistent after chroot, use timezone info
|
||||
# from /etc/localtime. If this is not set, and proftpd is configured to
|
||||
# chroot (e.g. DefaultRoot or <Anonymous>), it will use the non-daylight
|
||||
# savings timezone regardless of whether DST is in effect.
|
||||
#SetEnv TZ :/etc/localtime
|
||||
|
||||
<IfModule mod_quotatab.c>
|
||||
QuotaEngine on
|
||||
@@ -100,10 +108,10 @@ Ratios off
|
||||
|
||||
|
||||
# Delay engine reduces impact of the so-called Timing Attack described in
|
||||
# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
|
||||
# http://www.securityfocus.com/bid/11430/discuss
|
||||
# It is on by default.
|
||||
<IfModule mod_delay.c>
|
||||
DelayEngine off
|
||||
DelayEngine on
|
||||
</IfModule>
|
||||
|
||||
<IfModule mod_ctrls.c>
|
||||
@@ -122,10 +130,60 @@ AdminControlsEngine off
|
||||
# Alternative authentication frameworks
|
||||
#
|
||||
#Include /etc/proftpd/ldap.conf
|
||||
Include /etc/proftpd/sql.conf
|
||||
#Include /etc/proftpd/sql.conf
|
||||
|
||||
#
|
||||
# This is used for FTPS connections
|
||||
#
|
||||
#Include /etc/proftpd/tls.conf
|
||||
|
||||
#
|
||||
# Useful to keep VirtualHost/VirtualRoot directives separated
|
||||
#
|
||||
#Include /etc/proftpd/virtuals.conf
|
||||
|
||||
# A basic anonymous configuration, no upload directories.
|
||||
|
||||
# <Anonymous ~ftp>
|
||||
# User ftp
|
||||
# Group nogroup
|
||||
# # We want clients to be able to login with "anonymous" as well as "ftp"
|
||||
# UserAlias anonymous ftp
|
||||
# # Cosmetic changes, all files belongs to ftp user
|
||||
# DirFakeUser on ftp
|
||||
# DirFakeGroup on ftp
|
||||
#
|
||||
# RequireValidShell off
|
||||
#
|
||||
# # Limit the maximum number of anonymous logins
|
||||
# MaxClients 10
|
||||
#
|
||||
# # We want 'welcome.msg' displayed at login, and '.message' displayed
|
||||
# # in each newly chdired directory.
|
||||
# DisplayLogin welcome.msg
|
||||
# DisplayChdir .message
|
||||
#
|
||||
# # Limit WRITE everywhere in the anonymous chroot
|
||||
# <Directory *>
|
||||
# <Limit WRITE>
|
||||
# DenyAll
|
||||
# </Limit>
|
||||
# </Directory>
|
||||
#
|
||||
# # Uncomment this if you're brave.
|
||||
# # <Directory incoming>
|
||||
# # # Umask 022 is a good standard umask to prevent new files and dirs
|
||||
# # # (second parm) from being group and world writable.
|
||||
# # Umask 022 022
|
||||
# # <Limit READ WRITE>
|
||||
# # DenyAll
|
||||
# # </Limit>
|
||||
# # <Limit STOR>
|
||||
# # AllowAll
|
||||
# # </Limit>
|
||||
# # </Directory>
|
||||
#
|
||||
# </Anonymous>
|
||||
|
||||
# Include other custom configuration files
|
||||
Include /etc/proftpd/conf.d/
|
||||
|
||||
Reference in New Issue
Block a user